Blog Posts Tagged with "Zero Day"
Podcast: Vupen CEO Chaouki Bekrar Talks About Selling Zero Days at CanSecWest
March 08, 2013 Added by:Mike Lennon
Ryan Naraine talks to Vupen CEO Chaouki Bekrar about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Ownhacker contest.
Comments (0)
Group-IB found a new zero-day vulnerability in Adobe products
November 11, 2012 Added by:Plagiarist Paganini
Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...
Comments (0)
Wrong response to zero day attacks exposes serious risks
October 22, 2012 Added by:Plagiarist Paganini
Recent revelations on Flame raise the question on the efficiency of zero day vulnerabilities, software bugs that hackers exploit to avoid security defenses on targeted systems. The real problem when we talk about zero-day is related to the duration of the period in which hackers exploit the vulnerability...
Comments (0)
Java in the Cross-Hairs of Enterprise Security
September 26, 2012 Added by:Rafal Los
Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...
Comments (0)
Ask the Experts: Management and Rational Decisions About Security
September 22, 2012 Added by:Brent Huston
Emphasize that there are security measures that are effective in zero day situations. These include such controls as anomaly based detection mechanisms, system user security training, and incident response programs. If you can detect these attacks early and respond to them correctly...
Comments (0)
Microsoft BlueHat: Five Questions with Katie Moussouris
September 12, 2012 Added by:Fergal Glynn
One of the big stories from this year’s BlackHat conference was Microsoft’s inaugural BlueHat contest which challenged researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. Katie Moussouris discusses...
Comments (0)
Rapid 7 Analysis of Data Breach Incidents
September 11, 2012 Added by:Plagiarist Paganini
Excluding attacks by foreign governments and cyber criminals that exploit 0-days, with best practices and the adoption of compliance at the current standard, in matters of security it is possible to avoid data breach incidents, or at least reduce the amount of exposed information...
Comments (0)
Elderwood Project: Who is Behind Aurora and Ongoing Attacks?
September 10, 2012 Added by:Plagiarist Paganini
The attacks appeared to be originated in China and aimed at dozens of other organizations who were hit, of which Adobe Systems and Juniper Networks confirmed the incident. The press is also convinced that other companies were targeted such as Morgan Stanley, Northrop Grumman and Yahoo...
Comments (0)
Thousands of Sites Hacked with Plesk Zero Day Exploit
July 10, 2012 Added by:Headlines
"What is interesting is that most of our clients always used to be using CMSs (like WordPress, Joomla, etc), but lately we are seeing such a large number of just plain HTML sites getting compromised and when we look deeper, they are always using Plesk..."
Comments (0)
Researchers Unveil Advanced Malware Detection Method
June 29, 2012 Added by:Headlines
Unlike traditional malware detection tools, RiskRanker does not rely on malware samples and signatures already identified. It is able to identify applications that exhibit signs of malicious code while they are still in the marketplace, before the malware is downloaded onto potential victim's mobile devices...
Comments (0)
Dangers of Scanning QR Codes: Interview with Eric Mikulas
June 25, 2012 Added by:Fergal Glynn
Consumers make the mistake of trusting unreadable QR codes (unreadable by humans) that could really take a person anywhere. With all the vulnerabilities that are discovered on a regular basis with smart phones, it is only a matter of time until we see an explosion in malware for mobile platforms...
Comments (0)
The Debate When it Comes to Monetizing Security Flaws
June 20, 2012 Added by:Lee Munson
Some people think that if you try to profit on your discovery, then no matter what your intentions are, the discovery could be used for non ethical goals. They think that it does not matter if it is a good guy or a bad guy who gets the information. They think that both parties have the potential for abuse...
Comments (0)
Symantec: Internet Explorer Zero-Day Exploit in the Wild
June 18, 2012 Added by:Headlines
"While the exploit used in this attack has been referred to as being a zero-day due to reports of it being seen in the wild before the recent Security Bulletin Summary, zero-days are not commonly observed in attacks... this begs the question: will we see more zero-days being used in similar attacks?"
Comments (0)
Flamer: I Can Haz Propaganda...
May 31, 2012 Added by:J. Oquendo
Studies on malware by vendors are not being done for anything other than being able to state: "We can defend you from MalwareX if you purchase Product Y." This is the reality of it. What better mechanism to do so than to paint the boogeyman as a rogue country. After all, countries spend millions on security...
Comments (0)
Data Mining A Mountain of Zero Day Vulnerabilities
May 22, 2012 Added by:Fergal Glynn
Information leakage happens when sensitive information is displayed to the a user inadvertently. An example would be pathnames or database IP addresses returned within an error message to a user. An attacker can use this information to undermine the system...
Comments (0)
Strategic Web Compromises and Cyber Espionage Operations
May 15, 2012 Added by:Headlines
"Cyber Espionage attacks are not a fabricated issue and are not going away any time soon... They are aiming to expand their access and steal data. Communications (primarily e-mail), research and development (R&D), intellectual property (IP), and business intelligence..."
Comments (0)
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- Why Cyber Security Should Be at the Top of Your Christmas List
- United States Federal Government’s Shift to Identity-Centric Security
- How Extreme Weather Will Create Chaos on Infrastructure
- BSIMM11 Observes the Cutting Edge of Software Security Initiatives
- Sustaining Video Collaboration Through End-to-End Encryption
- Will Robo-Helpers Help Themselves to Your Data?
- Securing the Hybrid Workforce Begins with Three Crucial Steps
- A New Strategy for DDoS Protection: Log Analysis on Steroids
- COVID-19 Aside, Data Protection Regulations March Ahead: What To Consider